How to re-create this problem: Set CCAV’s sandbox settings to “run only safe applications”. In the sandbox of sandboxie that you’ll be using, disable auto-recovery. Open a browser inside sandboxie. download a setup file for something that’s unknown to comodo inside that sandboxie’d web browser. Attempt to open the file straight from that Sandboxie’d web browser’s download history or whatever prompt that would let you run it straight from the Sandboxie’d browser.
Expected result: CCAV won’t block it when set to “run only safe applications” in CCAV’s sandbox settings and the file will run inside sandboxie’s supervision. This isn’t much of a security risk, unless the unknown file was spyware loaded from an exploit kit it. If that’s the case, it could still do its damage pretty much unhindered.
Desired result: CCAV will block the unknown file when set to “run only safe applications” no matter what and submit the unknown file to Valkyrie and the regular cloud too. For that last part, a tickbox should be added in case the user wouldn’t want that, but it should be enabled by default